Lets say I create a file request, for EVE Artwork, artwork of a game called EVE Online. These files should be images only with a maximum size of 10 megs at the very very most. Now, who's to stop someone from uploading 5, two gig files? Who's to stop someone from uploading a virus screensaver file, with an infected thumbnail so that if you even load the folder and see the thumbnail, your computer becomes infected with a dangerous virus? What if someone just wants to fill your space without using his bandwidth? He can upload an image filled with zeros, that takes only a few kilobytes to upload but the file size registered as two gigs each one.
File Request, needs to have some limitations that users can put on it.
When I request files, I want to be able to set it so that only specific file types can be allowed. In this example, I would put it so that only PNG, JPG, GIF, and such are accepted.
I should also be allowed to set the maximum size of each file that can be uploaded, so that no one can upload some 2 gig file. In this example, I would set the max size to 10 megs.
One more feature, is I'd like an option that allows me to set it so only a dropbox user can add files here, so if they upload a virus or something bad, I can report it and dropbox staff can ban the user's account or take appropriate actions.
I also think that the file request page, should allow you to have a description on it. Not just a name like if I name it "EVE Artwork", but a description I can type out to tell people exactly what I'm looking for. I don't want to name the folder some large ass thing and have a folder on my computer that's name is a sentence long.
That's great, thanks for smushing all my separated paragraphs together. Making it an ugly wall of text. Great help with the formatting Dropbox.
Who's to stop someone from uploading a virus screensaver file,
End users should have appropriate virus scanning technology on there devices.
I agree it could need some tweaking (based upon your reading), but, unless you are sending the requests to randoms you should be ok AND personally I really really do not want Dropbox virus scanning my data - thats MY job, not theres!
- - - -
Did this post help you? If so please mark it for some Kudos below.
Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!
Since no executed code exists in thumbnails I would suggest LOGIC prevents this.
And if your gonna blindly hand out a upload access portal then its your own fault who might use it.
I already know someone using it intelligently, the portal uploads files, that download via sync to a local machine of theirs and that machine immediately clears the folder by moving the files out of dropbox for human inspection. If your to lazy to monitor whats happening you deserve everything you get.
Even if you forget about the virus concern, the rest of his comments are valid and an excellent set of improvements on the File-Request feature.
Is there a downvote for Dave's post? -.-
Clearly he had nothing nice to say whatsoever so he shouldn't have said anything at all.
I have heard of people getting an infection through a thumbnail before and definitely through screensavers. I don't have the link to prove so I can't prove it right now.
And I never said I wanted dropbox staff to scan the files for me prior to them ending up on my machine. I said I want an option so only dropbox users can upload a file, that way if one does upload a virus, I can report that user.
Vas V : sorry you feel so offended by anything that I said that differs from you, but you know how it is reality hurts :-P . Also don't believe everything you can find links to on the internet, apparently some stuff isn't always accurate.
I once heard that a virus can hide in the cmos memory of your computer, of course that doesn't make it so. See there is a lot of differences between data (thumbnails) and execution code (screensavers).
On the subject of restricting uploads to Dropbox users, you could always just share a folder with them, its not as clean as restricting file request uploaders to just users, but the whole point of file requests was so people didnt need to be dropbox users. And of course many people dont know they have a virus when they accidently upload it, thats the whole sneaky idea of the thing.
[This thread is now closed by moderators due to inactivity. If you're experiencing a similar behavior, feel free to start a new discussion in the Dropbox Community .]
The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.Sound good? Let's get started.
For more info on available support options, see this article.
If you found the answer to your question, please 'like' the post to say thanks to the user!